can't connect from jail to jail itself with binat
Miroslav Lachman
000.fbsd at quip.cz
Mon Feb 23 16:30:50 PST 2009
I have a problem with connections from a jail with binat.
I can connect to jailed services from outside, and I can connect to the outside
world from the jail, but I cannot connect from the jail to jailed services by
public IP (for example, a connection to www.mysite.tld, resolved to IP
1.2.3.4, is blocked).
The jail itself has IP 172.16.20.3 on interface lo1. The host machine has a
secondary public IP 1.2.3.4 (just an example) on bge1, translated with binat.
--- simplified ruleset ---
ext_if="bge1"
ext_addr_1="1.2.3.4"
jail_if="lo1"
jail_addr_1="172.16.20.3"
jail_tcp_1_inports="{ 21, 22, 25, 80, 110, 143, 443, 465, 587, 993, 995 }"
# 1:1 translation; only matches packets crossing $ext_if
binat on $ext_if from $jail_addr_1 to any -> $ext_addr_1
block log
pass out on $ext_if inet proto tcp from $ext_if to any flags S/SA modulate state
pass in on $ext_if inet proto tcp from any to $jail_addr_1 port $jail_tcp_1_inports
pass on $jail_if inet from $jail_addr_1 to $jail_addr_1
--- simplified ruleset ---
I played a bit with pflog and added some pass rules (like 'pass out on
$jail_if'), but without any luck.
pflog is still reporting:
block out on lo1: (tos 0x0, ttl 64, id 10143, offset 0, flags [DF], proto TCP (6), length 40) 1.2.3.4.80 > 172.16.20.3.57670:
Is there any way to allow this type of traffic?
(FreeBSD 7.1-RELEASE i386)
Miroslav Lachman
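Added example (not from the original post or any list reply): the standard pf pattern for reaching a redirected service from behind the same translation is the "redirection and reflection" pair from the PF FAQ, a rdr on the inside interface that maps the public address back to the private one, plus a matching nat so the reply is tracked by state and un-translated instead of leaving the host as an untracked 1.2.3.4 -> 172.16.20.3 packet. Below it is adapted to the variable names in the ruleset above. Assumptions: that jail-originated traffic to 1.2.3.4 crosses lo1 in both directions (the posted pflog line only shows the reply leaving on lo1), that pf's default keep state applies (FreeBSD 7.1 ships pf 4.1, where it does), and the widened 'pass on $jail_if' rule, which is this example's, not the poster's.

```pf
ext_if="bge1"
ext_addr_1="1.2.3.4"
jail_if="lo1"
jail_addr_1="172.16.20.3"
jail_tcp_1_inports="{ 21, 22, 25, 80, 110, 143, 443, 465, 587, 993, 995 }"

# Reflection step 1: a jail connection to its own public address is
# redirected on the jail interface back to the jail's private address
# (ports are kept as-is because the target has no port spec).
rdr on $jail_if inet proto tcp from $jail_addr_1 to $ext_addr_1 \
    port $jail_tcp_1_inports -> $jail_addr_1

# Reflection step 2: rewrite the source of that redirected connection to
# the public address, so the jail's reply is matched by the same state
# entry and translated back, rather than hitting 'block log' untracked.
nat on $jail_if inet proto tcp from $jail_addr_1 to $jail_addr_1 \
    port $jail_tcp_1_inports -> $ext_addr_1

# Unchanged from the posted ruleset: 1:1 translation on the external interface.
binat on $ext_if from $jail_addr_1 to any -> $ext_addr_1

block log
pass out on $ext_if inet proto tcp from $ext_if to any flags S/SA modulate state
pass in on $ext_if inet proto tcp from any to $jail_addr_1 port $jail_tcp_1_inports

# Filtering runs after translation, so the pass rule on the jail interface
# has to accept both the rdr'd form (src 172.16.20.3) and the nat'd form
# (src 1.2.3.4). This replaces the narrower
# 'pass on $jail_if inet from $jail_addr_1 to $jail_addr_1'.
pass on $jail_if inet proto tcp from { $jail_addr_1, $ext_addr_1 } \
    to $jail_addr_1 port $jail_tcp_1_inports keep state
```

To confirm which rule is still dropping the packet after loading this, number the rules with `pfctl -vvsr` and watch the log with the link-level header on, `tcpdump -n -e -ttt -i pflog0`, which prints the matching rule number in each line; `pfctl -ss` shows whether a state entry was created for the jail-to-1.2.3.4 connection at all, which is the quickest way to tell whether the rdr/nat pair is being hit.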